GDPR CLAUSE DEFINITIONS Sample Clauses

GDPR CLAUSE DEFINITIONS a. Data Protection Legislation means (i) the GDPR, the LED and any applicable national implementing Laws as amended from time to time (ii) the DPA 2018 to the extent that it relates to processing of personal data and privacy; (iiii) all applicable Law about the processing of personal data and privacy; b. Data Protection Impact Assessment means an assessment by the Controller of the impact of the envisaged processing on the protection of Personal Data c. Controller , Processor , Data Subject , Personal Data , Personal Data Breach , Data Protection Officer take the meaning given in the GDPR and the DPA 2018. d. Data Loss Event means any event that results, or may result, in unauthorised access to Personal Data held by the Contractor under this Agreement, and/or actual or potential loss and/or destruction of Personal Data in breach of this Agreement, including any Personal Data Breach. e. Data Subject Access Request means a request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to the Data Protection Legislation to access their Personal Data. f. DPA 2018 means Data Protection Act 2018 g. GDPR means the General Data Protection Regulation (Regulation (EU) 2016/679) h. LED means Law Enforcement Directive (Directive (EU) 2016/680) i. Protective Measures means appropriate technical and organisational measures which may include: pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of such measures adopted by it.

GDPR CLAUSE DEFINITIONS. Data Protection Legislation (i) the GDPR, the LED and any applicable national implementing Laws as amended from time to time (ii) the DPA 2018 [subject to Royal Assent] to the extent that it relates to processing of personal data and privacy; (iii) all applicable Law about the processing of personal data and privacy; Data Protection Impact Assessment an assessment by the Controller of the impact of the envisaged processing on the protection of Personal Data Controller, Processor, Data Subject, Personal Data, Personal Data Breach, Data Protection Officer take the meaning given in the GDPR Data Subject Access Request a request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to the Data Protection Legislation to access their Personal Data DPA 2018 Data Protection Act 2018 GDPR the General Data Protection Regulation (Regulation (EU) 2016/679) LED Law Enforcement Directive (Directive (EU) 2016/680) Protective Measures appropriate technical and organisational measures which may include: pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the such measures adopted by it Sub-processor any third party appointed to process Personal Data on behalf of the Councils related to this Agreement

GDPR CLAUSE DEFINITIONS. Data Protection Legislation: (i) all applicable UK law relating to the processing of personal data and privacy, including but not limited to the UK GDPR, and the Data Protection Act 2018 to the extent that it relates to processing of personal data and privacy; and (ii) (to the extent that it may be applicable) the EU GDPR). The UK GDPR and EU GDPR are defined in section 3 of the Data Protection Act 2018. Data Protection Impact Assessment: an assessment by the Controller carried out in accordance with Section 3 of the UK GDPR and sections 64 and 65 of the DPA 2018. Controller, Processor, Data Subject, Personal Data, Personal Data Breach, Data Protection Officer take the meaning given in the UK GDPR. Data Loss Event: any event that results, or may result, in unauthorised access to Personal Data held by the Processor under this Agreement, and/or actual or potential loss and/or destruction of Personal Data in breach of this Agreement, including any Personal Data Breach. Data Subject Request: a request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to Data Protection Legislation to access their Personal Data. DPA 2018: Data Protection Act 2018 UK GDPR: the UK General Data Protection Regulation Joint Controllers: takes the meaning given in Article 26 of the UK GDPR Law Enforcement Processing: processing under Part 3 of the DPA 2018. Protective Measures: appropriate technical and organisational measures designed to ensure compliance with obligations of the Parties arising under Data Protection Legislation and this Agreement, which may include: pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the such measures adopted by it including those outlined in Schedule [x] (Security). Sub-processor: any third Party appointed to process Personal Data on behalf of that Processor related to this Agreement